Checkmarx One Reviews

We use the solution for our international customers.

The UI is user-friendly.

The Fast feature for static application security testing is the most valuable.

The plugins for the development environment have room for improvements such as for Android Studio and X code.

I have been using the solution for two months.

I give the stability a seven out of ten.

I give the scalability a nine out of ten.

The scalability is based on the number of licenses. We currently have five licenses.

The technical support is quick to respond.

Positive

I give the initial setup an eight out of ten. The deployment takes about ten minutes.

The implementation was completed by a consultant.

The solution is costly. I give the solution a six out of ten for price.

I give the solution a nine out of ten.

Checkmarx is used for application security, we can detect the stability and other details on how to fix issues.

The most valuable feature of Checkmarx is the user interface, it is very easy to use. We do not need to configure anything, we only have to scan to see the results.

Checkmarx could improve the speed of the scans.

I have been using Checkmarx for approximately half a year.

We have five people in our company that uses Checkmarx, we do not plan to increase usage.

I have used the support from Checkmarx.

I have not used another before Checkmarx.

The initial setup of Checkmarx was very easy. The process took approximately one hour. We only need to provide information.

We have five people that are supporting Checkmarx in our company.

This solution is one of the easiest solutions I have used. We have professional services set it up for us but the scans are not enough for us.

I rate Checkmarx an eight out of ten.

We are using Checkmarx for application code scanning, such as scanning for different leverages in the application code.

The solution has good performance, it is able to compute in 10 to 15 minutes. 

Checkmarx could improve the REST APIs by including automation.

I have been using Checkmarx for approximately one year.

Checkmarx is stable.

The scalability of Checkmarx is good, we can onboard easily.

We have approximately 200 people in my organization using this solution.

I have not contacted technical support. We have not required it.

I have used SonarQube previously.

The installation is straightforward and takes approximately 40 minutes.

I am able to do the implementation myself.

We have administrators and engineers that support and maintain the solution.

We have purchased an annual license to use this solution. The price is reasonable.

I rate Checkmarx a nine out of ten.

Checkmarx is used only for static application security testing (SAST), and it can integrate very well with DAST solutions. So both of them are combined into an integrated solution for customers running application security.

I expect application security vendors to cover all aspects of application security, including SAST, DAST, and even mobile application security testing. And it would be much better if they provided an on-premises and cloud option for all these main application security features. So most of my customers would love to have consolidated vendors who cover all application security to lower operational overhead.

I'm a solution architect, not an end-user. I'm selling Checkmarx. This is the first year I've done business with Checkmarx. In the past five years, I worked a lot with Fortify and Micro Focus. I currently have two customers running Checkmarx, and one more is evaluating the product.

Setting up Checkmarx should be relatively straightforward. It takes a little more time for the DevOps team to enable everything, but overall deployment should take less than a week, including preparation and implementation. 

Most of my customers opted for a perpetual license. They prefer to pay the highest amount upfront for the perpetual license and then pay for additional support annually.

I rate Checkmarx eight out of 10. Until I get more extensive feedback from clients, I would rate it an eight.

It is very useful because it fits our requirements. It is also easy to use. It is not complex, and we are satisfied with the results.

Its pricing model can be improved. Sometimes, it is a little complex to understand its pricing model.

I have been using this solution for a couple of years.

It is pretty stable.

It has the capability to scale very easily. It is not a problem.

Their support is good. It has a good webpage with a lot of details.

It is very easy to set up. It takes a couple of days. It is not an issue.

It is not expensive, but sometimes, their pricing model or licensing model is not very clear. There are similar variables, such as projects or developers, and sometimes, it is a little bit confusing. 

I would absolutely recommend this solution. I would rate Checkmarx a nine out of 10.

We use the solution for scanning the code for security.

One of the most valuable features is it is flexible. 

The integration could improve by including, for example, DevSecOps.

In an upcoming release, they could improve by adding support for more languages.

I have been using the solution for two years.

I have found the solution to be stable.

The scalability of the solution is good. We have approximately 4000 using the solution in my organization and they are mostly engineers.

The technical support we have experience was good but they could be faster.

I would recommend this solution to others.

I rate Checkmarx a six out of ten.

We're selling their licenses and their technologies. We have on-premises and cloud deployments. Its deployment depends on the customer requirements. 

It is used for a range of requirements for DevSecOps. It has been deployed to ensure that the development cycle delivers clean and secure code that is vulnerability-free. It is there as a part of the whole compliance and security process.

The features and technologies are very good. The flexibility and the roadmap have also been very good. They're at the forefront of delivering the additional capabilities that are required with cloud delivery, etc. Their ability to deliver what customers require and when they require is very important. 

There is nothing particular that I don't like in this solution. It can have more integrations, but the integrations that we would like are in the roadmap anyway, and they just need to deliver the roadmap. What I like about the roadmap is that it is going where it needs to go. If I were to look at the roadmap, there is nothing that is jumping out there that says to me, "Yeah. I'd like something else on the roadmap." What they're looking to deliver is what I would expect and forecast them to deliver.

I have been using this solution for two years.

Our customers are completely comfortable with the scalability of the technologies. They can deploy them initially in a relatively straightforward manner and then grow them into their organization quite successfully. We primarily have large customers.

Our team works with them. Their sales engineering team as well as their pre-sales capabilities are very good. They're clear. They work, and they're available, which is good. It is somewhat unusual in this business.

It depends on different technologies, but it is reasonably quite straightforward.

Its price is fair. It is in or around the right spot. Ultimately, if the price is wrong, customers won't commit, but they do tend to commit. It is neither too cheap nor too expensive.

They're a very good company to work with, and that's a very important aspect of any technology these days. You could find very nice technologies, but if the company is not good to work with, it could be of no use. You'll not be able to get it deployed, and you'll not get assistance. You will get bad value for good technology. Checkmarx is a nice, pleasant, and relatively easy company to work with. You will get a good return, and you will get a good partnership and relationship working with them.

I would rate Checkmarx an eight out of ten.

We are using multiple solutions for application security, and Checkmarx is one of them. We are a client-centric organization, and we are also providing support to clients for application security. Sometimes, we have our own production, and then we scan the customer information and provide application security. For a few clients, it is deployed on the cloud, and for a few customers, it is on-premises.

The feature that I have found most valuable is that its number of false positives is less than the other security application platforms. Its ease of use is another good feature. It also supports most of the languages.

They can support the remaining languages that are currently not supported. They can also
create a different model that can identify zero-day attacks. They can work on different patterns to identify and detect zero-day vulnerability attacks.

It is stable, and it works.

It is scalable. Our clients are small, medium, and big enterprises. It is for all the categories.

Their support is good. I had discussions with them multiple times. We are getting proper support.

It is straightforward. It is not a big challenge. It doesn't take long.

I would rate Checkmarx a seven out of ten.